Language Selection

English French German Italian Portuguese Spanish

SUSE

SUSE/OpenSUSE: SUSE Doc Day at SUSECON 2020, OpenSUSE Board Election and More

Filed under
SUSE
  • Yes We Do it Again: SUSE Doc Day at SUSECON 2020

    A Doc Day is a time when a group of people gathers to collaborate on writing documentation on one or more given topics. The main premise for our Doc Day is to get a group of interested people – YOU – in a room together and have you work towards shared goals. To help you feel more comfortable, we will give a short overview of our documentation, how we usually work, and how you can contribute.
    Of course, you cannot write entire manuals or guides in one single day. But you can help us to improve existing documentation by reviewing, editing and updating it. In addition, we will use the Doc Day to kick-off the creation of new guides and papers for topics that you think are not yet covered (well enough).

  • openSUSE Board election 2019-2020 – Call for Nominations, Applications

    Two seats are open for election on the openSUSE Board. Gertjan Lettink completed his second term. Simon Lees completed his first term and thus he is eligible to run as a Board candidate again should he wish to do so.

  • status.opensuse.org updated

    Our infrastructure status page at https://status.opensue.org/ is using Cachet under the hood. While the latest update brought a couple of bugfixes it also deprecated the RSS and Atom feeds, that could be used to integrate the information easily in other applications.

    While we are somehow sad to see such a feature go, we also have to admit that the decision of the developers is not really bad - as the generation of those feeds had some problems (bugs) in the old Cachet versions. Instead of fixing them, the developers decided to move on and focus on other areas. So it's understandable that they cut off something, which is not in their focus, to save resources.

  • SSL cipher updates

    Sometimes it's a good idea to follow best practices. This is what we did by following the recommendations for "general-purpose servers with a variety of clients, recommended for almost all systems" from https://ssl-config.mozilla.org/.

Tumbleweed Snapshots Rate Top-Notch, Get Krita, QEMU, Mesa Updates

Filed under
SUSE

Closing out the month, there were two snapshots with version upgrades and one snapshot (20191127) that produced some minor changes to a couple Advanced Linux Sound Architecture (ALSA) packages.

The first Tumbleweed snapshot for December arrived with the 20191202 snapshot. Updated were also made to ALSA with the update of the 1.2.1.1 versions of alsa-plugins, alsa-utils and asla, which dropped 25 patches and fixed regressions for the UCM parser. GNOME had several package updates for gedit, evolution and more. The 3.34.2 version of gnome-software fixed a potential threading crash when using flatpak and had an upstream fix for fwupd. An updated version of ModemManager 1.12.0, which is a DBus-activated daemon that controls mobile broadband devices and connections, had a large amount of improvements and changes to include adding support for Mobile Station Based Assisted-GPS in addition to Mobile Station Assisted Assisted-GPS. Revision control tool mercurial 5.2 made some backwards compatibility changes and added some new feature extensions with its quarterly release. The update of perl 5.30.1 triggered an issue recorded on the snapshot reviewer because the newer version and patch that came in it is problematic for embedded Perl usage. Several other packages were updated in the snapshot to include qemu 4.1.93, re2 20191101, xen and xorg-x11-server. The one major version change in the snapshot was an update to terminal multiplexer tmux 3.0a; the major release that allows its users to easily switch between several programs in one terminal offers new features like added support for the SD (scroll down) escape sequence and for underscore colors.

Read more

More OpenSUSE: Etherpad updated

News About Servers (SUSE, Ubuntu, Red Hat and More)

Filed under
Server
SUSE
  • What is Cloud Native?

    Cloud native is more than just a buzzword, though. It's an approach used by some of the largest organizations on the planet, including Walmart, Visa, JP Morgan Chase, China Mobile, Verizon and Target, among others. Cloud native is an approach that enable developers and organization to be more agile, providing workload portability and scalability.

  • What is Kata Containers and why should I care?

    Kata Containers can significantly improve the security and isolation of your container workloads. It combines the benefits of using a hypervisor, such as enhanced security, and container orchestration capabilities provided by Kubernetes.

    Together with Eric Erns from Intel, we have recently performed a webinar in which we presented the benefits of using Kata Containers in a Charmed Kubernetes environment. In this blog, we aim to highlight the key outcomes from this webinar.

  • An idiot's guide to Kubernetes, low-code developers, and other industry trends

    As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.

  • A blueprint for OpenStack and bare metal

    The bare metal cloud is an abstraction layer for the pools of dedicated servers with different capabilities (processing, networking or storage) that can be provisioned and consumed with cloud-like ease and speed. It embraces the orchestration and automation of the cloud and applies them to bare metal workload use cases.

    The benefit to end users is that they get access to the direct hardware processing power of individual servers and are able to provision workloads without the overhead of the virtualization layer—providing the ability to provision environments in an Infrastructure-as-code methodology with separation of tenants and projects.

  • Software Development, Microservices & Container Management – Part III – Why Kubernetes? A Deep Dive into Kubernetes world

    Together with my colleague Bettina Bassermann and SUSE partners, we will be running a series of blogs and webinars from SUSE (Software Development, Microservices & Container Management, a SUSE webinar series on modern Application Development), and try to address the former questions and doubts about K8s and Cloud Native development and how it is not compromising quality and control.

  • Epic Performance with New Tuning Guide – SUSE Linux Enterprise Server on AMD EPYC* 7002 Series Processors

    EPYC is AMD’s flagship mainstream server microprocessors and supports 1-way and 2-way multiprocessing. The first generation was originally announced back in May 2017 and replaced the previous Opteron server family with the introduction of the Zen microarchitecture for the mainstream market.

  • Content Lifecycle Management in SUSE Manager

    Content Lifecycle management is managing how patches flows through your infra in a staged manner. In ideal infra, latest patches will always be applied on development servers. If everything is good there then those patches will be applied to QA servers and lastly to production servers. This enables sysadmins to catch issues if any and hence preventing patching of prod system which may create downtime of live environments.

    SUSE Manager gives you this control via content lifecycle. In this, you create custom channels in SUSE Manager for example dev, qa and prod. Then you register your systems to those channels according to their criticality. Now whenever channels gets the new patches it will be available to respective systems (registered to those channels) to install. So if you control channels you control the patch availability to systems.

    In content lifecycle management, suse manager enables you to push patches to channels manually. Like on first deploy all latest patches will be available to dev channels and hence dev systems. At this stage, if you run update commands (zypper up, yum update) they will show latest patches only on dev servers. QA and prod servers wont show any new patches.

  • The Early History of Usenet, Part VII: Usenet Growth and B-News

    For quite a while, it looked like my prediction — one to two articles per day — was overly optimistic. By summer, there were only four new sites: Reed College, University of Oklahoma (at least, I think that that's what uucp node uok is), vax135, another Bell Labs machine — and, cruciallyy, U.C. Berkeley, which had a uucp connection to Bell Labs Research and was on the ARPANET.

    In principle, even a slow rate of exponential growth can eventually take over the world. But that assumes that there are no "deaths" that will drive the growth rate negative. That isn't a reasaonable assumption, though. If nothing else, Jim Ellis, Tom Truscott, Steve Daniel, and I all planned to graduate. (We all succeeded in that goal.) If Usenet hadn't shown its worth to our successors by then, they'd have let it wither. For that matter, university faculty or Bell Labs management could have pulled the plug, too. Usenet could easily have died aborning. But the right person at Berkeley did the right thing.

    Mary Horton was then a PhD student there. (After she graduated, she joined Bell Labs; she and I were two of the primary people who brought TCP/IP to the Labs, where it was sometimes known as the "datagram heresy". The phone network was, of course, circuit-switched…) Known to her but unknown to us, there were two non-technical ARPANET mailing lists that would be of great interest to many potential Usenet users, HUMAN-NETS and SF-LOVERS. She set up a gateway that relayed these mailing lists into Usenet groups; these were at some point moved to the fa ("From ARPANET") hierarchy. (For a more detailed telling of this part of the story, see Ronda Hauben's writings.) With an actual traffic source, it was easy to sell folks on the benefits of Usenet. People would have preferred a real ARPANET connection but that was rarely feasible and never something that a student could set up: ARPANET connections were restricted to places that had research contracts with DARPA. The gateway at Berkeley was, eventually, bidirectional for both Usenet and email; this enabled Usenet-style communication between the networks.

openSUSE Leap 15.0 Reached End of Life, Upgrade to openSUSE Leap 15.1 Now

Filed under
SUSE

The openSUSE Leap 15.0 operating system release has reached end of life on November 30th, 2019, which was the last day when it received software updates and security patches.
openSUSE Leap 15.0 was released 18 months ago, on May 25th, 2018, and it was based on the SUSE Enterprise Linux 15 operating system series. It was the first OpenSuSE Leap release to adopt a new versioning scheme that's in sync with upstream SUSE Enterprise Linux (SLE) releases.

As of November 30th, 2019, openSUSE Leap 15.0 will no longer receive software updates and security patches for its core components or apps. Therefore, users are encouraged upgrade their computers as soon as possible to the latest version, openSUSE Leap 15.1, which will be supported with software updates and security patches until November 2020.

"openSUSE Leap 15.0 will receive no further maintenance or security updates after that date. It is recommended for openSUSE Leap users to upgrade to the current release openSUSE Leap 15.1. The next release, openSUSE Leap 15.2, is planned for May 2020." said Marcus Meissner, SUSE Security and openSUSE Maintenance.

Read more

Red Hat, IBM and SUSE

Filed under
Red Hat
SUSE
  • Raytheon Leans on Red Hat to Advance DevSecOps

    Jon Check, senior director for cyber protection solutions for Raytheon Intelligence, Information and Services, said Raytheon has developed a set of DevSecOps practices for organizations building applications deployed in highly secure environments, involving government contracts.

    Raytheon and these customers have been challenged by a chronic shortage of IT professionals with the appropriate level of clearance to work on these classified projects. To overcome that issue, Check said Raytheon developed what it describes as a “code low, deploy high” approach to DevSecOps. Developers who lack security clearances can still build applications; however, those applications can only be deployed by IT professionals having the appropriate security clearance.

    In addition, Check said Raytheon has developed integrations between its DevSecOps framework and various IT tools based on the ITIL framework, which so many IT operations teams depend on to foster collaboration across the application development and deployment process. For example, he said, whenever code gets checked into a repository, an alert can be sent to an IT service management application from ServiceNow.

  •                    

  • [Older] IBM: ‘Mac users are happier and more productive’ [iophk: duh]

                         

                           

    IBM CIO Fletcher Previn talked up fresh IBM findings that show those of its employees who use Macs are more likely to stay with IBM and exceed performance expectations compared to [Windows] users.

  •                    

  • [Older] IBM: Mac users perform better at work and close larger high-value sales compared to [Windows] users

                         

                           

    Today, IBM announced some major news showing the benefits of using a Mac over a [Windows machine] at work. According to IBM research, there are 22% more macOS users who exceed expectations in performance reviews compared to Windows users. High-value sales deals also tend to be 16% higher for Mac users compared to [Windows] users.

  •                    

  • [Older] IBM: Our Mac-Using Employees Outperform Windows Users in Every Way

                         

                           

    According to IBM, one staff member can support 5,400 Mac users, while the company needed one staff member per 242 [Windows] users. Only 5 percent of Mac users called the help desk for assistance, compared with 40 percent of [Windows] users. This Mac-IBM love affair has been ongoing for a few years, and the same IBM PR points out that in 2016, IBM CIO Fletcher Previn declared that IBM saves anywhere from $273 to $543 when its end users choose Mac over [Windows].

  • Centiq receives highest SUSE Solution Partner certification to bolster best-in-class enterprise cloud application migration and implementation expertise for SAP projects
  • Noop now named none

    Lately more and more people approached me with saptune warnings regarding ‘noop’ being an invalid scheduler.
    With new Servie Packs we see a transition from non-multiqueue schedulers (noop, cfq, deadline) to multiqueue schedulers (none, mq-deadline, bfq, kyber).
    This transition will be finished with kernel 5.x (SLES 15 SP2). Only multiqueue schedulers will remain.
    Even if you do not have upgraded lately, new hardware like NVMe’s can come with multiqueue support only.

SUSE/OpenSUSE Development Report

Filed under
SUSE
  • openSUSE Tumbleweed – Review of the week 2019/47

    Another week, in which openQA did block some of the snapshots – and some issues it was unfortunately not able to see. Anyway, during the week 2019/47 we have released three snapshot into the wild (1116, 1118 and 1119), containing those changes:

    Mesa 19.2.4: fixes critical rendering issues from earlier Mesa 19.2.3. As this rendering issue did not happen on all graphics adapters, openQA had no chance of spotting it
    Linux kernel 5.3.11
    KDE Plasma 5.17.3
    Subversion 1.13.0
    binutils 2.33.1

  • YaST Team: Highlights of YaST Development Sprints 88 and 89

    A few weeks ago, we wrote about the new ItemSelector widget that is finding its way into YaST user interfaces. It turned out that just a simple on/off status is not enough in some cases, so we had to extend that concept. For example, software modules may have dependencies, and we want to show the difference between one that was explicitly selected by the user and one that was auto-selected because some other software module requires it.

    This kind of shook the foundations of the underlying classes; all of a sudden a bit is no longer just a bit, but it needs to be broken down into even smaller pieces. Well, we cheated; we now use integer values instead. Most of the class hierarchy still only uses 0 and 1, but the new YCustomStatusItemSelector also supports using higher numbers for application-defined purposes.

    For each possible status value, the application defines the name of the icon to be displayed (for graphical UIs like the Qt UI), the text equivalent (for text mode / the NCurses UI), and an optional nextStatus which tells the widget what status to cycle to when the user changes the status of an item with a mouse click or with the keyboard. A value of -1 lets the application handle this.

    So this is not a one-trick-pony that is useful only for that one use case (the software modules), but a generic tool that might find good uses in other places all over YaST as well.

SUSE: Unified Patents, SC19 and Iguazio

Filed under
SUSE
  • SUSE welcomes cooperation of Open Invention Network, Linux Foundation, IBM and Microsoft in co-funding Unified Patent’s new Open Source Zone

    An eternal truth is that everything has its opposite for good and evil. Patents are no exception. In fact, even the simple word ‘Patent’ evokes much positive and negative emotion in today’s software world – particularly as news continues to circulate around baseless patent lawsuits by non-practicing entities (NPEs).
    But in news this week there is a bit of positive for a change. The positive news is the announcement of the efforts by Unified Patents to reduce NPE assertion of invalid patents in the open source software zone.

  • SC19: Empowering SUSE HPC customers with expanded options

    SC19, the International Conference for High Performance Computing, Networking, Storage and Analysis is just around the corner. For SUSE, it’s a great opportunity to reconnect with customers and partners working in one of the sectors of our industry driving significant innovation in all aspects of computing.

    If I tried to succinctly define SUSE’s message at SC19, it would be: “As with any journey, who you travel with is more important than the destination”. In SUSE’s instance, customers and partners make up our travel companions. In this journey, the customer is in the driver’s seat and elects the destination. Our role at SUSE is to empower HPC customers with choice across processor and GPU platforms as well as delivery options (on-premise, cloud, or hybrid).

  • SUSE and Iguazio Break the Mold by Providing an Open Source Solution for Enterprise Data Science Teams

    The notions of collaborative innovation, openness and portability are driving enterprises to embrace open source technologies. Anyone can download and install Kubernetes, Jupyter, Spark, TensorFlow and Pytorch to run machine learning applications, but making these applications enterprise grade is a whole different story. Delivering enterprise grade applications involves scalability, high-performance, tuning, monitoring, security and automation of infrastructure tasks. It can take months and typically requires a large team of developers, data scientists and data engineers.

SUSE Leftovers

Filed under
SUSE
  • Virtualization Management with SUSE Manager

    SUSE® Manager 4 is a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity for life-cycle management of Linux systems in large, complex and dynamic IT landscapes. You can use SUSE Manager to configure, deploy and administer thousands of Linux systems running on hypervisors, as containers, on bare metal systems, IoT devices and third-party cloud platforms. SUSE Manager also allows you to manage virtual machines (VMs).

    Virtualization is the means by which IT administrators create virtual resources, such as hardware platforms, storage devices, network resources and more. There are quite a few tools that enable the creation of virtual resources (such as Xen and KVM), but what about the management of those tools? That’s where SUSE Manager comes in.

  • Private and Air-Gap registry for openSUSE Kubic

    Sometimes there are occasions where direct internet access is not possible (proxy/offline/airgapped). Even in this setups it is possible to deploy and use Kubernetes with openSUSE Kubic and a local private registry.

    In this blog I will explain how to setup a local server which acts as private registry providing all the container images needed to deploy Kubernetes with openSUSE Kubic.

  • Join SUSE in Booth #4011 at AWS re:Invent, Las Vegas, December 2-6th!

Red Hat and SUSE Servers: Boston Children’s Hospital, IBM and SUSE in High-Performance Computing (HPC)

Filed under
Red Hat
SUSE
  • How Boston Children’s Hospital Augments Doctors Cognition with Red Hat OpenShift

    Software can be an enabler for healers. At Red Hat, we’ve seen this first hand from customers like Boston Children’s Hospital. That venerable infirmary is using Red Hat OpenShift and Linux containers to enhance their medical capabilities, and to augment their doctors cognitive capacity.

  • Entry Server Bang For The Buck, IBM i Versus Red Hat Linux

    In last week’s issue, we did a competitive analysis of the entry, single-socket Power S914 machines running IBM i against Dell PowerEdge servers using various Intel Xeon processors as well as an AMD Epyc chip running a Windows Server and SQL Server stack from Microsoft. This week, and particularly in the wake of IBM’s recent acquisition of Red Hat, we are looking at how entry IBM i platforms rate in terms of cost and performance against X86 machines running a Linux stack and an appropriate open source relational database that has enterprise support.

    Just as a recap from last week’s story, the IBM i matchup against Windows Server systems were encouraging in that very small configurations of the Power Systems machine running IBM i were less expensive per unit of online transaction processing performance as well as per user. However, on slightly larger configurations of single socket machines, thanks mostly to the very high cost per core of the IBM i operating system and its integrated middleware and database as you move from the P05 to P10 software tiers on the Power S914, the capital outlay can get very large at list price for the Power iron, and the software gets very pricey, too. The only thing that keeps the IBM i platform in the running is the substantially higher performance per core that the Power9 chip offers on machines with four, six, or eight cores.

    Such processors are fairly modest by 2019 standards, by the way, when a high-end chip has 24, 28, 32, or now 64 cores, and even mainstream ones have 12, 16, or 18 cores. If you want to see the rationale of the hardware configurations that we ginned up for the comparisons, we suggest that you review the story from last week. Suffice it to say, we tried to get machines with roughly the same core counts and configuration across the Power and X86 machines, and generally, the X86 cores for these classes of single socket servers do a lot less work.

  • Rise of the Chameleon – SUSE at SC19

    The impact of High-Performance Computing (HPC) goes beyond traditional research boundaries to enhance our daily lives.  SC19 is the international conference for High Performance Computing, networking, storage and analysis taking place in Denver November 17-22.  SUSE will once again have a strong presence at SC19 – and if you are attending we would love to talk to you!  Our SUSE booth (#1917) will include our popular Partner Theater as well as a VR light saber game with a Star Wars themed backdrop.  We will showcase SUSE’s HPC core solutions (OS, tools and Services) as well as AI/ML, Storage and Cloud open source products.  Plus, during the gala opening reception we will premier our new mini-movie “Sam the IT Manager in The Way of the Chameleon: The Quest for HPC” which you don’t want to miss (we’ll provide the popcorn)!

SUSE Continues Working On Linux Core Scheduling For Better Security

Filed under
Linux
SUSE

SUSE and other companies like DigitalOcean have been working on Linux core scheduling to make virtualization safer particularly in light of security vulnerabilities like L1TF and MDS. The core scheduling work is about ensuring different VMs don't share a HT sibling but rather only the same VM / trusted applications run on siblings of a core.

SUSE's Dario Faggioli presented at the KVM Forum 2019 at the end of October in Lyon, France. Dario's presentation covered the latest work on core-scheduling for virtualization.

Read more

Also: The Disappointing Direction Of Linux Performance From 4.16 To 5.4 Kernels

Syndicate content

More in Tux Machines

today's howtos

Events: KVM Forum 2019 and "Bar Charts for Diversity"

  • A recap of KVM Forum 2019

    The 13th KVM Forum virtualization conference took place in Lyon, France in October 2019. One might think that development may have finished on the Kernel Virtual Machine (KVM) module that was merged in Linux 2.6.20 in 2007, but this year's conference underscored the amount of work still being done, particularly on side-channel attack mitigation, I/O device assignment with VFIO and mdev, footprint reduction with micro virtual machines (VMs), and with the ability to run VMs nested within VMs. Many talks also involved the virtual machine monitor (VMM) user-space programs that use the KVM kernel module—of which QEMU is the most widely used.

  • Enhancing KVM for guest protection and security

    A key tenet in KVM is to reuse as much Linux infrastructure as possible and focus specifically on processor virtualization. Back in 2007, this meant a smaller code base and less friction with the other kernel subsystems, especially when compared with other virtualization technologies such as Xen. This led to KVM being merged into the mainline with relative ease. But now, in the era of microarchitectural vulnerabilities, the priorities have shifted, and the KVM's reliance on other kernel subsystems can be a liability. For one thing, the host kernel widens the TCB (Trusted Computing Base) and makes for a larger attack surface. In addition, kernel data structures such as the direct memory map give Linux access to guest memory even when it is not strictly necessary and make it impossible to fully enforce the principle of least privilege. In his talk "Enhancing KVM for Guest Protection and Security" (slides [PDF]) presented at KVM Forum 2019, long-time KVM contributor Jun Nakajima explained this risk and suggested some strategies to mitigate it.

  • Bar charts for diversity

    At the Linux App Summit I gave an unconference talk titles Hey guys, this conference is for everyone. The “hey guys” part refers to excluding people from a talk or making them feel uncomfortable – you can do this unintentionally, and the take-away of the talk was that you, (yes, you) can be better. I illustrated this mostly with conversational distance, a favorite topic of mine that I can demonstrate easily on stage. There’s a lot of diversity in how far people stand away from strangers, while explaining something they care about. The talk wasn’t recorded, but I’ve put the slides up. Another side of diversity can be dealt with by statistics. Since I’m a mathematician, I have a big jar of peanuts and raisins in the kitchen. Late at night I head down to the kitchen and grab ten items from the jar. Darn, all of them are raisins. What are the odds!? Well, a lot depends on whether there are any peanuts in the jar at all; what percentage is peanuts; whether I’m actually picking things randomly or not. There’s a convenient tool that Katarina Behrens pointed me to, which can help figure this out. Even if there’s only a tiny fraction of peanuts in the jar, there’s an appreciable chance of getting one (e.g. change the percentage on that page to 5% and you’ll see).

Linux on the MAG1 8.9 inch mini-laptop (Ubuntu and Fedora)

The Magic Ben MAG1 mini-laptop is a 1.5 pound notebook computer that measures about 8.2″ x 5.8″ x 0.7″ and which features an 8.9 inch touchscreen display and an Intel Core m3-8100Y processor. As I noted in my MAG1 review, the little computer also has one of the best keyboards I’ve used on a laptop this small and a tiny, but responsive trackpad below the backlit keyboard. Available from GeekBuying for $630 and up, the MAG1 ships with Windows 10, but it’s also one of the most Linux-friendly mini-laptops I’ve tested to date. [...] I did not install either operating system to local storage, so I cannot comment on sleep, battery life, fingerprint authentication, or other features that you’d only be able to truly test by fully installing Ubuntu, Fedora, or another GNU/Linux-based operating system. But running from a liveUSB is a good way to kick the tires and see if there are any obvious pain points before installing an operating system, and for the most part the two operating systems I tested look good to go. Booting from a flash drive is also pretty easy. Once you’ve prepared a bootable drive using Rufus, UNetbootin, or a similar tool, just plug it into the computer’s USB port, hit the Esc key during startup to bring up the UEFI/SETUP utility. Read more Also: Top 10 technical skills that will get you hired in 2020

Android Leftovers